Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138302e302f32342d3234203d3e203438353932.roa
File: 3138352e33392e3138302e302f32342d3234203d3e203438353932.roa (raw, json)
Hash identifier: eRfFsAmiOd7fmXSkLY1iDQqDLPihvnF73pAdlTyZEec=
Subject key identifier: C5:E1:8D:ED:0F:68:29:07:5F:E5:20:B3:57:94:3A:3D:97:C3:1F:93
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 467C68ADF6BBE35F78BBD188BBDBE5857A26E6F6
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138302e302f32342d3234203d3e203438353932.roa
Signing time: Tue 25 Mar 2025 06:20:07 +0000
ROA not before: Tue 25 Mar 2025 06:15:07 +0000
ROA not after: Tue 24 Mar 2026 06:20:07 +0000
asID: 48592
IP address blocks: 185.39.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:7c:68:ad:f6:bb:e3:5f:78:bb:d1:88:bb:db:e5:85:7a:26:e6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Mar 25 06:15:07 2025 GMT
Not After : Mar 24 06:20:07 2026 GMT
Subject: CN=C5E18DED0F6829075FE520B357943A3D97C31F93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:be:f3:68:51:7c:37:ef:dd:de:a9:0e:33:29:
db:57:e5:ca:d1:ba:30:d9:56:4f:28:46:86:e8:3b:
71:c7:77:3c:11:34:a9:e6:4d:e6:a2:44:55:2b:cc:
a3:5b:b3:d6:b5:63:fe:d9:4e:5b:d8:85:24:c7:d4:
45:3d:7c:91:f9:51:c0:f0:76:b4:63:49:ee:c9:69:
fd:0c:ca:d4:9f:f4:44:db:93:5d:b8:48:2b:33:10:
6f:68:43:46:fc:8b:9b:31:bc:28:5d:2b:88:e3:47:
44:e1:88:38:ea:3e:d0:fc:6a:92:f8:92:13:65:0c:
cc:95:ec:2b:83:53:43:b7:61:f3:43:6e:43:76:df:
1b:1c:fc:e4:e6:12:91:64:d8:de:56:bb:4f:18:c5:
6d:74:e9:69:94:97:e4:a4:00:98:fb:24:02:79:be:
71:ef:92:19:dc:24:1e:57:f2:8a:66:e2:51:4e:c7:
44:c7:f4:1f:87:d3:a1:48:4f:d3:03:22:ae:4c:71:
29:97:0a:d9:14:f5:34:ba:92:64:62:8a:ab:29:b2:
c7:39:44:58:d8:32:bd:26:2d:dc:60:ba:e4:f9:7f:
3e:f6:16:f4:f6:4e:e5:8a:10:56:9b:88:99:b4:c5:
b7:7f:b9:8e:80:44:05:32:f6:94:23:84:3b:b1:43:
40:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E1:8D:ED:0F:68:29:07:5F:E5:20:B3:57:94:3A:3D:97:C3:1F:93
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3138352e33392e3138302e302f32342d3234203d3e203438353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.180.0/24
Signature Algorithm: sha256WithRSAEncryption
86:f0:ec:73:88:49:31:81:0f:5f:c7:2e:3b:e2:42:e1:4f:00:
84:62:0a:ad:61:fc:c9:a1:d8:c5:24:5a:12:3d:9f:65:ed:70:
df:5a:7d:3d:71:78:d9:d7:e1:26:69:f2:f7:b2:91:14:47:0b:
6b:e4:2b:df:dc:2f:04:d9:76:2f:ea:cb:d3:e7:6d:c1:d0:c6:
c4:82:06:2e:70:8f:3a:d4:df:69:d6:f6:31:ce:ce:73:5a:12:
b1:6d:a3:8c:d0:f9:c6:fc:98:16:01:c6:5a:ff:0c:ab:0f:cc:
55:8d:7d:d0:0c:1f:18:4c:86:b8:b1:70:40:fd:4e:c3:fb:e9:
ee:22:1f:ca:99:27:40:c9:c7:d0:4e:f8:5c:71:21:79:41:bf:
8d:77:01:87:85:ff:e8:13:bb:51:c4:33:24:31:52:12:d6:ad:
f8:f6:bf:3e:f3:52:95:4e:16:e4:90:0b:79:b0:67:71:3b:6c:
96:9a:bf:e6:9e:6d:1d:54:10:9a:04:fa:8c:77:56:b2:f2:52:
ad:4e:fe:eb:4f:7c:a2:11:89:6e:19:07:98:2c:4f:20:31:a7:
8c:21:53:fc:5f:5f:26:c4:0b:2b:67:e2:7d:d0:bd:47:82:14:
12:7a:86:91:73:a1:7a:56:01:6b:2d:b9:60:ba:cd:65:f5:5b:
e9:12:32:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURnxorfa74194u9GIu9vlhXom5vYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTAzMjUwNjE1MDdaFw0yNjAzMjQwNjIwMDdaMDMxMTAvBgNV
BAMTKEM1RTE4REVEMEY2ODI5MDc1RkU1MjBCMzU3OTQzQTNEOTdDMzFGOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuvvNoUXw3793eqQ4zKdtX5crR
ujDZVk8oRoboO3HHdzwRNKnmTeaiRFUrzKNbs9a1Y/7ZTlvYhSTH1EU9fJH5UcDw
drRjSe7Jaf0MytSf9ETbk124SCszEG9oQ0b8i5sxvChdK4jjR0ThiDjqPtD8apL4
khNlDMyV7CuDU0O3YfNDbkN23xsc/OTmEpFk2N5Wu08YxW106WmUl+SkAJj7JAJ5
vnHvkhncJB5X8opm4lFOx0TH9B+H06FIT9MDIq5McSmXCtkU9TS6kmRiiqspssc5
RFjYMr0mLdxguuT5fz72FvT2TuWKEFabiJm0xbd/uY6ARAUy9pQjhDuxQ0ArAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxeGN7Q9oKQdf5SCzV5Q6PZfDH5MwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzODM1MmUzMzM5MmUzMTM4
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzUzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSe0MA0GCSqGSIb3DQEBCwUAA4IBAQCG8OxziEkxgQ9fxy474kLhTwCEYgqtYfzJ
odjFJFoSPZ9l7XDfWn09cXjZ1+EmafL3spEURwtr5Cvf3C8E2XYv6svT523B0MbE
ggYucI861N9p1vYxzs5zWhKxbaOM0PnG/JgWAcZa/wyrD8xVjX3QDB8YTIa4sXBA
/U7D++nuIh/KmSdAycfQTvhccSF5Qb+NdwGHhf/oE7tRxDMkMVIS1q349r8+81KV
ThbkkAt5sGdxO2yWmr/mnm0dVBCaBPqMd1ay8lKtTv7rT3yiEYluGQeYLE8gMaeM
IVP8X18mxAsrZ+J90L1HghQSeoaRc6F6VgFrLblgus1l9VvpEjJ0
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:41:09 2025 by rpki-client